So some facts are beginning to emerge: The Lie Behind 1.2B Stolen Passwords.
Short version appears to be that this Holden guy hung out in Russian hacker forums long enough to accumulate a middling-sized list of mostly outdated/useless user credentials, and is now trying fairly hamfistedly and dishonestly to leverage that into business for his security firm.
